Create a local user admin account on each computer in domain based on the name of domain user account

PerserPolis-1732 1,326 Reputation points
2022-02-08T09:26:47.31+00:00

Hi,

I want to create a local admin user account on each domain client computer, based on the name of the domain user account, as per the requirements given below:

1) Set password for “localuser” as “password”
2) Make “user” the member of local administrators group
3) User must change password at next logon

For example:

I have a domain user account called "mbiden"; after creation, the local user account should be called "mbidenAdmin".

This is my PowerShell script with computername and Admin. It creates a local admin user named Computername+"Admin", but I want to create the local admin based on the domain user account name:

$a=$env:computername+"Admin"
New-LocalUser -AccountNeverExpires:$true -Password ( ConvertTo-SecureString -AsPlainText -Force 'password') -Name $a -FullName "Local Administrator" -Description "Local Administrator" | Add-LocalGroupMember -Group administrators

Can anybody help me?

Regards


Accepted answer
  1. Andreas Baumgarten 95,026 Reputation points MVP
    2022-02-08T11:22:28.157+00:00

    Hi @PerserPolis-1732 ,

    If you are logged in with your domain user, you can try $env:USERNAME instead of $env:computername in your script.

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    1 person found this answer helpful.

7 additional answers

  1. PerserPolis-1732 1,326 Reputation points
    2022-02-08T11:37:32.167+00:00

    Hi,

    I changed the script as follows:

    $a=$env:username+"Admin"
    New-LocalUser -AccountNeverExpires:$true -Password ( ConvertTo-SecureString -AsPlainText -Force 'password') -Name $a -FullName "Local Administrator" -Description "Local Administrator" | Add-LocalGroupMember -Group administrators

    It works with username, but only if I run it locally on the machine; it does not work if I deploy the script to the same machine with SCCM.
    If I deploy it, it created "AdministratorAdmin".

    Regards


  2. Clément BETACORNE 2,031 Reputation points
    2022-02-08T14:57:55.873+00:00

    Hello,

    You can try to get information about the currently logged-on user with win32_LoggedOnUser:

    $regexsession = '.+Domain="(.+)",Name="(.+)"$'
    
    $session_user = Get-WmiObject -Class win32_LoggedOnUser | Select Antecedent -Unique
    
    foreach($session in $session_user) {
        if($session.antecedent -match $regexsession) {
            #Matches[2] will contain the username
            Write-Output $Matches[2]
        }
    }
    

    Regards,


  3. PerserPolis-1732 1,326 Reputation points
    2022-02-08T15:01:42.893+00:00

    Hi,

    Thank you for your reply.

    How would my script look with the currently logged-on user?

    Regards


  4. Clément BETACORNE 2,031 Reputation points
    2022-02-08T15:20:19.92+00:00

    Something like that:

    $regexsession = '.+Domain="(.+)",Name="(.+)"$'
    
    $session_user = Get-WmiObject -Class win32_LoggedOnUser | Select Antecedent -Unique
    
    foreach($session in $session_user) {
        if($session.antecedent -match $regexsession) {
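            #Matches[2] will contain the username.
            #win32_LoggedOnUser also lists service and system logon sessions, so $a ends up as the last name matched.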
            $a="$($Matches[2])Admin"
        }
    }
    
    New-LocalUser -AccountNeverExpires:$true -Password ( ConvertTo-SecureString -AsPlainText -Force 'password') -Name $a -FullName "Local Administrator" -Description "Local Administrator" | Add-LocalGroupMember -Group administrators
    

    Regards,
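
An added example (not code from any participant in this thread) that covers the three requirements from the question and looks up the console user in a way that does not depend on the account running the deployment. The function name, its parameters, and the use of Win32_ComputerSystem for the lookup are assumptions; the initial password is passed in by the caller rather than written into the script.

```powershell
#Requires -RunAsAdministrator
# Added example. New-UserLocalAdmin and its parameters are hypothetical names.
function New-UserLocalAdmin {
    [CmdletBinding()]
    param(
        # Initial password, supplied by the caller instead of a literal in the script.
        [Parameter(Mandatory)] [securestring] $InitialPassword,
        [string] $Suffix = 'Admin'
    )

    # Console user as DOMAIN\user. Unlike $env:USERNAME, this does not return the
    # account the deployment runs under. It is empty when nobody is logged on at
    # the console (for example, RDP-only sessions).
    $consoleUser = (Get-CimInstance -ClassName Win32_ComputerSystem).UserName
    if ([string]::IsNullOrWhiteSpace($consoleUser)) {
        throw 'No console user is logged on; cannot derive the account name.'
    }

    $name = ($consoleUser -split '\\')[-1] + $Suffix
    # Local account names are limited to 20 characters.
    if ($name.Length -gt 20) {
        throw "Derived name '$name' exceeds the 20-character limit for local accounts."
    }

    # Idempotent: leave an existing account (and its password) untouched.
    if (Get-LocalUser -Name $name -ErrorAction SilentlyContinue) {
        Write-Verbose "Local user '$name' already exists."
        return $name
    }

    $user = New-LocalUser -Name $name -Password $InitialPassword -AccountNeverExpires `
        -FullName 'Local Administrator' -Description 'Local Administrator'

    # S-1-5-32-544 is the built-in Administrators group; using the SID avoids
    # depending on the localized group name.
    Add-LocalGroupMember -SID 'S-1-5-32-544' -Member $user

    # Requirement 3: expire the password so it must be changed at next logon.
    $adsi = [ADSI]"WinNT://$env:COMPUTERNAME/$name,user"
    $adsi.PasswordExpired = 1
    $adsi.SetInfo()

    return $name
}
```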
